'\" t
.\"     Title: pam_authenticate
.\"    Author: [FIXME: author] [see http://www.docbook.org/tdg5/en/html/author]
.\" Generator: DocBook XSL Stylesheets v1.79.2 <http://docbook.sf.net/>
.\"      Date: 10/24/2024
.\"    Manual: Linux-PAM Manual
.\"    Source: Linux-PAM
.\"  Language: English
.\"
.TH "PAM_AUTHENTICATE" "3" "10/24/2024" "Linux\-PAM" "Linux\-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
pam_authenticate \- account authentication
.SH "SYNOPSIS"
.sp
.ft B
.nf
#include <security/pam_appl\&.h>
.fi
.ft
.HP \w'int\ pam_authenticate('u
.BI "int pam_authenticate(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
.SH "DESCRIPTION"
.PP
The
\fBpam_authenticate\fR
function is used to authenticate the user\&. The user is required to provide an authentication token depending upon the authentication service, usually this is a password, but could also be a finger print\&.
.PP
The PAM service module may request that the user enter their username via the conversation mechanism (see
\fBpam_start\fR(3)
and
\fBpam_conv\fR(3))\&. The name of the authenticated user will be present in the PAM item PAM_USER\&. This item may be recovered with a call to
\fBpam_get_item\fR(3)\&.
.PP
The
\fIpamh\fR
argument is an authentication handle obtained by a prior call to pam_start()\&. The flags argument is the binary or of zero or more of the following values:
.PP
PAM_SILENT
.RS 4
Do not emit any messages\&.
.RE
.PP
PAM_DISALLOW_NULL_AUTHTOK
.RS 4
The PAM module service should return PAM_AUTH_ERR if the user does not have a registered authentication token\&.
.RE
.SH "RETURN VALUES"
.PP
PAM_ABORT
.RS 4
The application should exit immediately after calling
\fBpam_end\fR(3)
first\&.
.RE
.PP
PAM_AUTH_ERR
.RS 4
The user was not authenticated\&.
.RE
.PP
PAM_CRED_INSUFFICIENT
.RS 4
For some reason the application does not have sufficient credentials to authenticate the user\&.
.RE
.PP
PAM_AUTHINFO_UNAVAIL
.RS 4
The modules were not able to access the authentication information\&. This might be due to a network or hardware failure etc\&.
.RE
.PP
PAM_MAXTRIES
.RS 4
One or more of the authentication modules has reached its limit of tries authenticating the user\&. Do not try again\&.
.RE
.PP
PAM_SUCCESS
.RS 4
The user was successfully authenticated\&.
.RE
.PP
PAM_USER_UNKNOWN
.RS 4
User unknown to authentication service\&.
.RE
.SH "SEE ALSO"
.PP
\fBpam_start\fR(3),
\fBpam_setcred\fR(3),
\fBpam_chauthtok\fR(3),
\fBpam_strerror\fR(3),
\fBpam\fR(8)
